Delhi AIIMS servers hacked by Chinese, data safe now: Govt sources
NEW DELHI, DEC 14: Top government sources have revealed that the server of the AIIMS in Delhi was hacked by the Chinese. The officials claimed that out of 100 servers (40 physical and 60 virtual), five physical servers were successfully infiltrated by the hackers. According to the sources, the damage would have been far worse, but it was averted with timely intervention.
Speaking to India Today off the record, the sources said that the first layer of the server attack has been cracked and the two locations zeroed in on by the investigating teams are China’s Zhenan and Hong Kong.
The hackers were using a VPN to mask their IP addresses, sources said. After cracking the VPN, the investigators zeroed in on the location.
In November, services at New Delhi’s All India Institute of Medical Sciences (AIIMS) were badly affected as the server used by the hospital was down for close to nine hours. A statement released by AIIMS said the server was down due to a possible ransomware attack.
Hackers had allegedly demanded an estimated Rs 200 crore in cryptocurrency from AIIMS. The data of around 3-4 crore patients was feared to have been compromised due to the breach detected.
Patient care services in the emergency, outpatient, inpatient, and laboratory wings were manually managed as the servers remained down.
On December 2, five main servers of the hospital came under a cyber attack, thus compromising the personal data of millions of patients. According to sources, the cyber attack was suspected to be carried out by Chinese hackers.
On December 3, CloudSEK, a firm that predicts cyber threats, said they discovered that the personal data of 1.5 lakh patients from Tamil Nadu’s Sree Saran Medical Center was sold by hackers on popular cybercrime forums and a Telegram channel used to sell databases.
Days later, on December 4, a cyber attack was reported at Delhi’s Safdarjung Hospital. However, the attack was not as severe as those reported at AIIMS. Sources today also said that the attack was unsuccessful and that investigating teams zeroed in on a Hong Kong-based IP address.
-PTI